- Impact
- 24,477
Attackers don't bother brute-forcing long passwords, Microsoft engineer says
According to data collected by Microsoft’s network of honeypot servers, most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters.
“I analysed the credentials entered from over >25 million brute force attacks against SSH. This is around 30 days of data in Microsoft’s sensor network,” said Ross Bevington, a security researcher at Microsoft.
Read more:
https://therecord.media/attackers-dont-bother-brute-forcing-long-passwords-microsoft-engineer-says/
According to data collected by Microsoft’s network of honeypot servers, most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters.
“I analysed the credentials entered from over >25 million brute force attacks against SSH. This is around 30 days of data in Microsoft’s sensor network,” said Ross Bevington, a security researcher at Microsoft.
Read more:
https://therecord.media/attackers-dont-bother-brute-forcing-long-passwords-microsoft-engineer-says/